Bug#553498: Bug#555129: Should not set document root to /var/www - violates the FHS
On Monday 09 November 2009, Manoj Srivastava wrote: Because it violates the FHS -- and it would be at odds with the forthcoming web applications policy. Are you sure access to the document root is unavoidable? Well, it has the document root compiled in, allows only one document root, and doesn't follow symlinks to outside of the document root. That makes it pretty hard. Maybe it is possible to find a solution, but it is not obvious. And it would have to be checked for security issues. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#553498: Bug#555129: Should not set document root to /var/www - violates the FHS
On Sun, Nov 08 2009, Stefan Fritsch wrote: severity 555129 wishlist severity 553498 wishlist thanks On Sunday 08 November 2009, Julien Valroff wrote: This is not one of the /var directories in the File Hierarchy Standard and is under the control of the local administrator. Manoj, both apache2-suexec and dspam-webfrontend are following the policy's recommendation. How can this be a serious bug? Because it violates the FHS -- and it would be at odds with the forthcoming web applications policy. Are you sure access to the document root is unavoidable? manoj -- Biz is better. Manoj Srivastava sriva...@debian.org http://www.debian.org/~srivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
